From 5d8a5d9d0dab36da262b0e5b3b25b886fad2b6f5 Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Tue, 11 Jul 2000 01:05:24 +0000
Subject: Allow name lookup to fail and fall back to using the "Everyone" SID
 as SD owner. Allows smbd to work without winbindd running. Check for security
 implications ! Jeremy. (This used to be commit
 9bd64da1e26a1b4a2df2b0537feb604a40762bb1)

---
 source3/printing/nt_printing.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

(limited to 'source3/printing')

diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c
index 3a40fdceab..bdc9e54a07 100644
--- a/source3/printing/nt_printing.c
+++ b/source3/printing/nt_printing.c
@@ -1609,11 +1609,13 @@ static SEC_DESC_BUF *construct_default_printer_sdb(void)
 	   on the PDC of the domain. */
 
 	if (!winbind_lookup_name("Administrator", &owner_sid, &name_type)) {
-		return NULL;  /* Doh */
+		/*
+		 * Backup - make owner the everyone sid. This may be a security
+		 * hole for print control .... check. JRA.
+		 */
+		sid_copy( &owner_sid, &global_sid_World);
 	}
 
-	
-
 	/* The ACL revision number in rpc_secdesc.h differs from the one
 	   created by NT when setting ACE entries in printer
 	   descriptors.  NT4 complains about the property being edited by a
-- 
cgit